The "locally storage credentials" note in the security panel and application settings should be removed. Cryostat 3.0 does not reimplement this bugged mechanism, which was also less secure since it relied on keeping applications' credentials in plaintext within the browser's localstorage. Instead, Cryostat 3.0 requires clients to register credentials into its encrypted database table, also using the more power matchExpression engine to determine which credentials can be applied to outgoing application connections. This server-side storage is already implemented on the web-client so all that must be done is to remove the other localstorage option.
Current Behavior
The "locally storage credentials" note in the security panel and application settings should be removed. Cryostat 3.0 does not reimplement this bugged mechanism, which was also less secure since it relied on keeping applications' credentials in plaintext within the browser's localstorage. Instead, Cryostat 3.0 requires clients to register credentials into its encrypted database table, also using the more power matchExpression engine to determine which credentials can be applied to outgoing application connections. This server-side storage is already implemented on the web-client so all that must be done is to remove the other localstorage option.
Expected Behavior
No response
Steps To Reproduce
No response
Environment
No response
Anything else?
No response